diff options
| author | Jan Lehnardt <jan@apache.org> | 2018-07-14 11:37:12 +0200 |
|---|---|---|
| committer | Jan Lehnardt <jan@apache.org> | 2018-07-15 10:50:53 +0200 |
| commit | dd3a6b4dbfd0d7fee93d4a592ba85472543108a2 (patch) | |
| tree | 63491dda462e92482cd24cfd573b0abc86a90796 | |
| parent | dacb6583bc5b08c0c2ae2099a787c60eb0a33da8 (diff) | |
| download | couchdb-dd3a6b4dbfd0d7fee93d4a592ba85472543108a2.tar.gz | |
validate bind address by @wyc
| -rw-r--r-- | src/setup/src/setup.erl | 35 |
1 files changed, 25 insertions, 10 deletions
diff --git a/src/setup/src/setup.erl b/src/setup/src/setup.erl index 943318675..955bdffbf 100644 --- a/src/setup/src/setup.erl +++ b/src/setup/src/setup.erl @@ -30,15 +30,29 @@ require_node_count(undefined) -> require_node_count(_) -> ok. -error_bind_address() -> - throw({error, "Cluster setup requires bind_addres != 127.0.0.1"}). - -require_bind_address("127.0.0.1", undefined) -> - error_bind_address(); -require_bind_address("127.0.0.1", <<"127.0.0.1">>) -> - error_bind_address(); -require_bind_address(_, _) -> - ok. +error_local_bind_address() -> + throw({error, "Cluster setup requires a remote bind_address (not 127.0.0.1 nor ::1)"}). + +error_invalid_bind_address(InvalidBindAddress) -> + throw({error, io:format("Setup requires a valid IP bind_address. " ++ + "~p is invalid.", [InvalidBindAddress])}). + +require_remote_bind_address(OldBindAddress, NewBindAddress) -> + case {OldBindAddress, NewBindAddress} of + {"127.0.0.1", undefined} -> error_local_bind_address(); + {_, <<"127.0.0.1">>} -> error_local_bind_address(); + {"::1", undefined} -> error_local_bind_address(); + {_, <<"::1">>} -> error_local_bind_address(); + {_, undefined} -> ok; + {_, PresentNewBindAddress} -> require_valid_bind_address(PresentNewBindAddress) + end. + +require_valid_bind_address(BindAddress) -> + ListBindAddress = binary_to_list(BindAddress), + case inet_parse:address(ListBindAddress) of + {ok, _} -> ok; + {error, _} -> error_invalid_bind_address(ListBindAddress) + end. is_cluster_enabled() -> % bind_address != 127.0.0.1 AND admins != empty @@ -143,7 +157,7 @@ enable_cluster_int(Options, false) -> % if bind_address == 127.0.0.1 and no bind_address in req -> error CurrentBindAddress = config:get("chttpd","bind_address"), NewBindAddress = proplists:get_value(bind_address, Options), - ok = require_bind_address(CurrentBindAddress, NewBindAddress), + ok = require_remote_bind_address(CurrentBindAddress, NewBindAddress), NodeCount = couch_util:get_value(node_count, Options), ok = require_node_count(NodeCount), Port = proplists:get_value(port, Options), @@ -162,6 +176,7 @@ setup_node(NewCredentials, NewBindAddress, NodeCount, Port) -> set_admin(Username, Password) end, + ok = require_valid_bind_address(NewBindAddress), case NewBindAddress of undefined -> config:set("chttpd", "bind_address", "0.0.0.0"); |